LaRoy McCann wrote:
I have a dachstein proxy arp firewall in place.
Do I have to setup ipsec or freeswan or something like that to have a windows client be able to vpn to an outside network, or should that be transparent thru the firewall?
Client is on the proxy arped side and is trying to connect using windows vpn adapter to a system on the eth0 side of the router. It gives an error when trying to verify username and password. The computer was checked on a different system and it could vpn into the remote system with no problems.
Please forgive my ignorance about vpns.
Without a diagram, I'm unclear on your exact network layout, but I'll take a stab at helping.
Assuming the following:
- You have at least a 3 interface firewall (upstream, internal, and proxy-arp DMZ).
- The system initiating the VPN link is in the proxy-arp DMZ
- The destination system you're trying to link to is somewhere on the internet (typically, eth0 is the upstream link of a LEAF firewall).
Given the above, you probably do not have rules in place allowing the VPN traffic through the firewall, which is why your VPN is failing.
Simply allowing the appropriate traffic through the firewall ought to get your VPN working, but I can't tell you exactly what ports/protocols to allow without knowing what type of VPN you're trying to create (ie: PPTP, IPSec, etc).
-- Charles Steinkuehler [EMAIL PROTECTED]
------------------------------------------------------- This SF.Net email is sponsored by The 2004 JavaOne(SM) Conference Learn from the experts at JavaOne(SM), Sun's Worldwide Java Developer Conference, June 28 - July 1 at the Moscone Center in San Francisco, CA REGISTER AND SAVE! http://java.sun.com/javaone/sf Priority Code NWMGYKND ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
